Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa
File:                     56d828bf-81fa-4253-8691-f9c277ca84ba.roa (raw, json)
Hash identifier:          NiPNenXxH6+s8bGQ5Pcw4N7m1Z0tkKumIzZZ8IQih+g=
Subject key identifier:   10:07:0E:20:5B:0C:C3:DC:C1:F6:C6:A0:8A:FF:A8:9B:93:5C:0F:CE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7BD8D3FB5179E86195E8293125D43015CF4FCFC8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa
Signing time:             Tue 19 May 2026 02:50:49 +0000
ROA not before:           Tue 19 May 2026 02:50:49 +0000
ROA not after:            Mon 17 Aug 2026 23:59:59 +0000
asID:                     6167
IP address blocks:        155.146.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 May 2026 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:d8:d3:fb:51:79:e8:61:95:e8:29:31:25:d4:30:15:cf:4f:cf:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 19 02:50:49 2026 GMT
            Not After : Aug 17 23:59:59 2026 GMT
        Subject: serialNumber=181f44d0b048bbb52b505edb8c12139d6b7dada28a065bf9839a14e3ba298d86, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:dc:0f:3f:c0:84:fd:a2:53:e3:69:2f:eb:2b:
                    05:ff:dc:9f:6d:ea:3c:4a:ac:bc:16:a9:e2:0c:90:
                    2f:7b:9c:44:1c:08:aa:5a:73:00:9b:2c:1b:ea:f3:
                    b8:d4:12:ec:b1:ca:59:8d:c2:fa:43:88:ec:05:10:
                    01:b9:56:1a:d7:67:63:da:ee:07:2a:99:ae:e4:9f:
                    9f:4b:cf:93:1c:5a:7b:95:30:4f:b3:bc:46:f7:8a:
                    29:59:62:7c:ff:30:1c:84:b0:33:8e:57:09:8f:f1:
                    53:09:6c:14:cd:21:53:38:26:e4:ca:a4:ae:64:b3:
                    d5:d6:4b:a0:ad:d0:0a:d9:ee:24:29:01:51:00:31:
                    64:f3:20:48:86:b1:1b:e0:d8:2a:75:64:0e:da:6a:
                    05:00:84:d6:51:07:fc:0c:6f:b9:27:06:46:c9:21:
                    eb:ee:c9:e5:18:27:8f:27:22:c7:6a:b7:32:ed:93:
                    1f:14:7c:e0:03:d3:1b:53:18:f8:71:98:db:51:cc:
                    39:15:5e:bf:67:1b:10:74:a4:f1:6c:41:bd:6e:b7:
                    1f:12:40:4f:58:a9:9c:51:05:97:07:e0:4a:2f:73:
                    a7:69:58:cc:ee:59:02:73:01:93:a8:92:00:ab:b0:
                    66:9a:60:09:c6:22:0c:0b:68:1d:63:99:c0:3c:e2:
                    10:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:07:0E:20:5B:0C:C3:DC:C1:F6:C6:A0:8A:FF:A8:9B:93:5C:0F:CE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0a:7f:7b:9b:1d:13:fd:f7:94:43:a8:31:28:6a:ca:68:e2:c6:
         7f:a1:da:81:66:60:89:3a:33:25:b6:d1:f5:6d:10:a7:70:49:
         2b:a9:98:41:3d:83:03:7a:5a:4f:b7:62:7b:a7:05:72:d0:03:
         6f:b6:08:c3:ed:00:2f:2e:29:47:27:8c:98:61:2f:59:5a:cb:
         99:de:db:b4:ef:b8:e8:eb:a8:91:7e:51:f3:c5:d5:97:81:a3:
         ce:5a:5d:7f:85:b4:76:a2:3e:22:64:1c:38:ae:f2:c2:37:10:
         dc:a4:7f:98:77:da:c5:d1:ce:67:0a:dd:90:cd:45:bf:e7:f5:
         0b:fe:25:0a:ad:d4:d3:10:e7:6e:2a:4e:63:b6:0f:d1:61:cf:
         be:77:64:92:40:48:53:c2:bc:15:e2:4f:28:b6:bc:40:2c:32:
         12:e6:1a:15:96:2d:5f:c4:cd:4a:c4:f3:f7:cb:91:5f:86:1a:
         82:d2:d1:44:f1:68:19:c9:4b:00:2a:b2:45:fc:7b:56:fb:a7:
         02:c1:78:66:01:e4:82:05:ec:29:05:bf:47:2f:1c:bd:e1:ac:
         45:7a:f6:79:c4:01:cf:5c:e6:b2:cf:7f:e4:32:50:6a:49:d6:
         61:22:cc:89:67:25:cf:55:5a:cb:40:8c:ca:95:75:be:be:a4:
         30:e6:1e:4f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUe9jT+1F56GGV6CkxJdQwFc9Pz8gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjYwNTE5MDI1MDQ5WhcNMjYwODE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxODFmNDRkMGIwNDhiYmI1MmI1MDVlZGI4YzEyMTM5ZDZi
N2RhZGEyOGEwNjViZjk4MzlhMTRlM2JhMjk4ZDg2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC03A8/wIT9olPjaS/rKwX/3J9t6jxKrLwWqeIMkC97nEQc
CKpacwCbLBvq87jUEuyxylmNwvpDiOwFEAG5VhrXZ2Pa7gcqma7kn59Lz5McWnuV
ME+zvEb3iilZYnz/MByEsDOOVwmP8VMJbBTNIVM4JuTKpK5ks9XWS6Ct0ArZ7iQp
AVEAMWTzIEiGsRvg2Cp1ZA7aagUAhNZRB/wMb7knBkbJIevuyeUYJ48nIsdqtzLt
kx8UfOAD0xtTGPhxmNtRzDkVXr9nGxB0pPFsQb1utx8SQE9YqZxRBZcH4Eovc6dp
WMzuWQJzAZOokgCrsGaaYAnGIgwLaB1jmcA84hC9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUEAcOIFsMw9zB9sagiv+om5NcD84wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU2ZDgyOGJmLTgxZmEtNDI1My04NjkxLWY5YzI3N2NhODRiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCbkjANBgkqhkiG9w0BAQsFAAOCAQEACn97mx0T/feUQ6gxKGrKaOLGf6Ha
gWZgiTozJbbR9W0Qp3BJK6mYQT2DA3paT7die6cFctADb7YIw+0ALy4pRyeMmGEv
WVrLmd7btO+46OuokX5R88XVl4Gjzlpdf4W0dqI+ImQcOK7ywjcQ3KR/mHfaxdHO
ZwrdkM1Fv+f1C/4lCq3U0xDnbipOY7YP0WHPvndkkkBIU8K8FeJPKLa8QCwyEuYa
FZYtX8TNSsTz98uRX4YagtLRRPFoGclLACqyRfx7VvunAsF4ZgHkggXsKQW/Ry8c
veGsRXr2ecQBz1zmss9/5DJQaknWYSLMiWclz1Vay0CMypV1vr6kMOYeTw==
-----END CERTIFICATE-----